The National Financial Reporting Authority plans to adopt the revised International Standard of Audit 600 (ISA 600) to enhance auditor oversight and address significant audit lapses. To advance this initiative, NFRA will convene a meeting next week with key financial regulators, including the Reserve Bank of India, the Securities and Exchange Board of India, the Institute of Chartered Accountants of India, and the ministry of corporate affairs.
The revision of this standard is intended to strengthen the responsibilities of group auditors in overseeing the work of component auditors. Currently, there are numerous instances where audit reports from subsidiary companies are used to validate the financial health of the parent company. Industry insiders believe this practice is one way in which funds from listed companies are siphoned off, exploiting loopholes in the current system. As principal auditors often rely on subsidiary audit reports, malfeasance can go undetected.
READ | CSR funding in India: A promising experiment stumbles
NFRA’s response is prompted by several high-profile cases where auditors failed to report fraudulent activities, such as in the Coffee Day Enterprises Ltd case. In that instance, the regulator found that auditors neglected to report the fraudulent diversion of funds, despite evidence showing that public money was being channelled to an entity controlled by the promoter, which had no legitimate business ties to the listed company.
India’s auditing profession has faced turbulence in recent years, leading to a “double blame game,” with audited firms pushing back against accountants withdrawing their mandates. Even the Big Four firms have struggled to perform their duties judiciously. For example, Deloitte, the auditor of Byju’s, resigned due to a significant impact on its ability to conduct the audit according to necessary standards. Similarly, Price Waterhouse Chartered Accountants, another Big Four firm, resigned as statutory auditor for One97 Communications, the parent company of fintech giant Paytm. Deloitte also had a fallout with the Adani Group after raising concerns about certain transactions highlighted in the Hindenburg Research report on the group.
What is ISA 600
Given the string of high-profile financial irregularities in India, which have cast doubt on auditors, regulatory agencies are often sceptical about how auditors discharge their roles and responsibilities. ISA 600 seeks to address these concerns.
Revised ISA 600 will provide guidelines for conducting group audits, especially when component auditors are involved. The updated standard aligns with recent changes in auditing rules that focus on risk assessment. The revisions emphasise the importance of auditor scepticism, careful planning and execution of group audits, clear communication between the group auditor and component auditors, and detailed record-keeping. Auditors are also required to evaluate whether sufficient audit evidence, including from component auditors, has been obtained to form an opinion on the group’s financial statements.
This standard outlines the group auditor’s responsibilities for forming an opinion on the financial statements of the entire group, which includes subsidiaries, associates, joint ventures, and other related entities, according to ACCA Global. By requiring group auditors to actively supervise and review the work of component auditors, ISA 600 is effective in preventing malfeasance and ensuring more rigorous audits.
In the absence of ISA 600, auditors have relied too heavily on reports from subsidiary auditors without adequate scrutiny, leading to significant financial scandals in companies like Reliance Capital, IL&FS, and CG Power. The adoption of ISA 600 (Revised) is seen as a crucial step toward closing these gaps and enhancing the quality and integrity of financial audits in India.
While ISA 600 has been widely adopted internationally, these standards have not yet been implemented in India. Before they can be notified, they require recommendations from financial regulators like ICAI, NFRA, and SEBI.
Currently, auditing is governed by the Chartered Accountants Act of 1949, which holds chartered accountants liable in cases of malpractice. The law states that a CA in practice will be considered guilty of professional misconduct if they disclose information obtained during the course of their professional engagement to anyone other than the client who engaged them, without the client’s consent, or unless required by law.
NFRA was established in response to high-profile audit failures in 2018. Since then, the regulatory focus on auditors has intensified, with NFRA’s recent orders and circulars indicating a serious approach to keeping auditors accountable. The authority has also banned two auditors for alleged irregularities in the audit of IL&FS Financial Services.
However, simply monitoring the Big Five audit firms—EY, KPMG, Deloitte, Walker Chandiok & Co, and Price Waterhouse—will not suffice. Analysts recommend scrutinising the independence of auditors, as the company paying the audit fee could compromise the auditor’s independence.
Despite these challenges, NFRA remains optimistic about the future. Its Chairman recently noted that India is viewed as a bright spot among emerging markets by global investors. Emphasising the need for greater trust in corporate financial reporting, NFRA is hopeful that as new businesses and practices emerge, audit processes will also evolve, with more developments anticipated in the coming months. Nevertheless, the ongoing changes are sure to keep auditors vigilant.